Security and Performance

Security Is Our Mindset

culture of security

Since day one, Crelate has been performance and security focused at every level. Every Crelate team member has been through security training and background checks. Our product team holds each accountable through stringent code reviews, performance testing, and vulnerability scans. 

We do this so you can breath easy. Your data is in safe hands.

highlights
  • Built on Microsoft Azure
  • Multi-tenant Environment
  • 100% Encrypted at Rest
  • Geo-redundant Backups

%

Uptime

%

Of Requests Satisfied in 500ms

culture of performance
Crelate moves at the speed you do. We know you don’t have time to wait for your system, so we designed Crelate to be fast. Ultra fast. Every layer of our applications and designs are evaluated for performance as well as security.

platform security

Crelate follows industry best practices and is hosted in Microsoft’s Azure cloud-computing environment which is SOC 1 and SOC 2 compliant. We are a long time Microsoft Partner and our engineering team has been working with the Azure platform from its inception – one of the most trust cloud providers around. 

Azure meets a broad set of international and industry-specific compliance standards, such as ISO 27001, HIPAA, FedRAMP, and SOC 1 and SOC 2. A complete and up-to-date list of certifications can be found on Microsoft Azure’s Compliance Page.
architecture

Crelate has implemented multi-tenancy in layers and exceeds industry best practices at each tier of our application to ensure data is never co-mingled. Preventing unauthorized access to customer data is a top priority for Crelate. To help reach this goal, we have taken an “encrypt everything“ approach whenever possible and wherever customer data being handled. 

encryption

  • All production servers are configured to have their underlying storage protected by Microsoft Azure Encryption at Rest services
  • All backups are encrypted directly from the SQL server using AES-256 encryption.
  • 100% Encrypted at Rest
segmentation
  • All data within our Microsoft SQL Server database is segregated based on a unique tenant ID.
  • Our search and reporting solutions are built on Elastic Search.
  • Customer data files such as attachments, resumes, etc. are stored in a Microsoft Azure Storage Blob. Each customer is provisioned a unique Storage Container.

Primary Data Base

Segmentation

All data within our Microsoft SQL Server database is segregated based on a unique tenant ID. Tenant ID’s are comprised of a 128-bit globally unique identifier (GUID). Every table and row in our database is stamped with this tenant ID. All platform queries made on the database are generated through the Crelate data access layer, whose primary purpose is to properly enforce the inclusion of tenant ID filters based on the calling user’s credentials. Our multi-tenant data access layer has been in use for no less than 3 years and has a complete suite of automated unit tests design specific to validate its enforcement of our multi-tenancy rules.

Encryption

Our live database resides on virtual disks hosted on top of Microsoft Azure Storage Blobs. All production servers are configured to have their underlying storage protected by Microsoft Azure Encryption at Rest services and all blocks of data are encrypted using AES-256 encryption.

Search and Reporting Warehouses

Segmentation

Our search and reporting solutions are built on Elastic Search. Elastic internally provides a mechanism for supporting multiple tenants by virtually dividing the indexes based on a tenant ID. This functionality is native to the platform and we follow industry best practices by making use of this functionality.

Encryption

Database backups are performed using native SQL backup tools and automation. All backups are encrypted directly from the SQL server using AES-256 encryption.

File Storage

Segmentation

Customer data files such as attachments, resumes, etc. are stored in a Microsoft Azure Storage Blob. Each customer is provisioned a unique Storage Container. Containers are Microsoft’s way of virtually segmenting a Storage Account for the purposes of multi-tenancy. This functionality is native to the platform and we follow industry best practices by making use of this functionality.

Encryption

Customer data files such as attachments, resumes, etc. are stored a Microsoft Azure Storage Blob. The entire storage account is configured to use Microsoft Azure Encryption at Rest services and all blocks of data are encrypted using AES-256 encryption.

Caches

Segmentation

Like many modern and fast web applications, Crelate makes use of in-memory caching. Data for each customer tenant is segregated by each Tenant’s globally unique identifier (GUID) for all keys within the cache. This segregation is provided centrally via our internal cache manager.

secure your success

FLEXIBLE, MODERN, PERSONAL

CRELATE TALENT SOLUTIONS